refactor nixos hosts

This commit is contained in:
Sean Buckley 2021-04-10 12:55:17 -04:00
parent 8f75961458
commit ba35b789b8
10 changed files with 156 additions and 120 deletions

View file

@ -8,5 +8,10 @@
config = { sconfig.flakes.enable = true; };
};
nixosConfigurations = import ./hosts { inherit unstable stable2009; };
defaultPackage."x86_64-linux" =
with (import unstable { system = "x86_64-linux"; });
(writeShellScriptBin "x" "cat ${writeText "x" self.nixosConfigurations.test}");
};
}

View file

@ -1,34 +1,45 @@
{ unstable, stable2009 }:
let
commonModules = name: [
(../.)
(./. + "/${name}")
hostMetadata =
let
inherit (builtins) readDir concatMap attrNames;
fs = readDir ./.;
hostNames = concatMap (x: if fs.${x} == "directory" then [ x ] else [ ]) (attrNames fs);
in
map
(hn: { name = hn; inherit (import (./. + "/${hn}")) hardware pkgs system; })
hostNames;
hardwareModule = { pkgs, hardware }: (
{
qemu = (x: { imports = [ "${x.modulesPath}/profiles/qemu-guest.nix" ]; });
physical = pkgs.nixosModules.notDetected;
}
).${hardware};
in
builtins.listToAttrs (
map
(h:
let pkgs = { inherit unstable stable2009; }.${h.pkgs};
in
{
name = h.name;
value = pkgs.lib.nixosSystem {
system = h.system;
modules = [
(./..)
(./. + "/${h.name}/configuration.nix")
(hardwareModule { inherit pkgs; inherit (h) hardware; })
({ ... }: {
networking.hostName = name;
networking.hostName = h.name;
sconfig.flakes.enable = true;
sconfig.flakes.rebuildPath = "github:buckley310/nixos-config";
})
];
mkStandardSystem = { name, pkgs, system }: pkgs.lib.nixosSystem {
inherit system;
modules = (commonModules name) ++ [
pkgs.nixosModules.notDetected
];
};
mkQemuSystem = { name, pkgs, system }: pkgs.lib.nixosSystem {
inherit system;
modules = (commonModules name) ++ [
(x: { imports = [ "${x.modulesPath}/profiles/qemu-guest.nix" ]; })
];
};
in
{
vm = mkQemuSystem { name = "vm"; system = "x86_64-linux"; pkgs = unstable; };
hp = mkStandardSystem { name = "hp"; system = "x86_64-linux"; pkgs = unstable; };
manta = mkStandardSystem { name = "manta"; system = "x86_64-linux"; pkgs = unstable; };
neo = mkStandardSystem { name = "neo"; system = "x86_64-linux"; pkgs = unstable; };
}
}
)
hostMetadata
)

View file

@ -0,0 +1,30 @@
{ ... }:
{
services = {
tlp.enable = true;
openssh.enable = true;
};
sconfig = {
gnome = true;
profile = "desktop";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = false;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
}

View file

@ -1,30 +1,5 @@
{ ... }:
{
services = {
tlp.enable = true;
openssh.enable = true;
};
sconfig = {
gnome = true;
profile = "desktop";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = false;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
pkgs = "unstable";
system = "x86_64-linux";
hardware = "physical";
}

View file

@ -0,0 +1,29 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.vmware-horizon-client ];
services.tlp.enable = true;
services.openssh.enable = true;
networking.search = [ "bck.me" ];
sconfig = {
profile = "desktop";
gnome = true;
security-tools = true;
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
initrd.luks.devices.cryptroot = { device = "/dev/disk/by-partlabel/_root"; allowDiscards = true; };
};
fileSystems = {
"/" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/os" "compress=zstd" "discard" ]; };
"/home" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/home" "compress=zstd" "discard" ]; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
}

View file

@ -1,29 +1,5 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.vmware-horizon-client ];
services.tlp.enable = true;
services.openssh.enable = true;
networking.search = [ "bck.me" ];
sconfig = {
profile = "desktop";
gnome = true;
security-tools = true;
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
initrd.luks.devices.cryptroot = { device = "/dev/disk/by-partlabel/_root"; allowDiscards = true; };
};
fileSystems = {
"/" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/os" "compress=zstd" "discard" ]; };
"/home" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/home" "compress=zstd" "discard" ]; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
pkgs = "unstable";
system = "x86_64-linux";
hardware = "physical";
}

View file

@ -0,0 +1,34 @@
{ pkgs, ... }:
{
sconfig = {
gnome = true;
profile = "desktop";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
environment.systemPackages = [ pkgs.vmware-horizon-client ];
services = {
pcscd.enable = true;
openssh.enable = true;
zfs.autoSnapshot = { enable = true; monthly = 0; weekly = 0; };
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelPackages = pkgs.linuxPackages_5_10;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
}

View file

@ -1,34 +1,5 @@
{ pkgs, ... }:
{
sconfig = {
gnome = true;
profile = "desktop";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
environment.systemPackages = [ pkgs.vmware-horizon-client ];
services = {
pcscd.enable = true;
openssh.enable = true;
zfs.autoSnapshot = { enable = true; monthly = 0; weekly = 0; };
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelPackages = pkgs.linuxPackages_5_10;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
pkgs = "unstable";
system = "x86_64-linux";
hardware = "physical";
}

View file

@ -0,0 +1,7 @@
{ ... }:
{
sconfig.profile = "server";
boot.loader.grub.device = "/dev/vda";
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
security.sudo.wheelNeedsPassword = false;
}

View file

@ -1,7 +1,5 @@
{ ... }:
{
sconfig.profile = "server";
boot.loader.grub.device = "/dev/vda";
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
security.sudo.wheelNeedsPassword = false;
pkgs = "unstable";
system = "x86_64-linux";
hardware = "qemu";
}